3efd52b84e7a0bdb2699865571ff5cb9cd5e7bad3edc9f94e2012446c75750a4

Sharing

Copy URL

Twitter E-mail

General

Target

3efd52b84e7a0bdb2699865571ff5cb9cd5e7bad3edc9f94e2012446c75750a4
Size

454KB
MD5

d2d1f03e7598ee6765a5249bc3175f3c
SHA1

6e4c68c23faa55e8ac6bf284707c8636b29d0088
SHA256

3efd52b84e7a0bdb2699865571ff5cb9cd5e7bad3edc9f94e2012446c75750a4
SHA512

c0df3672b9ee18288c9763cbfd7af40152a0c5857698d70e62ddc52cd8e9fc3388614f6ad7352c4167108564b63d22557a307fbbe0ecb34b57899f82dadc5a2a
SSDEEP

6144:D9+736W+8DmsK/VfGaAs87MgKlZjAqN3CeatPaK:DM736W+8ysK/V+aRl+qN32

Score

N/A

Malware Config

Signatures

Files

3efd52b84e7a0bdb2699865571ff5cb9cd5e7bad3edc9f94e2012446c75750a4
.exe windows x86

5e35ee6deac7d317be8d0db6ddf8f706

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
FreeSid
EqualSid
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid

msi

ord179
ord150
ord78
ord113
ord8

kernel32

CompareStringA
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
GetVersionExA
lstrcmpW
lstrlenW
GetLastError
CloseHandle
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryW
GetPrivateProfileSectionW
GetFileAttributesW
GetFullPathNameW
GetSystemDirectoryW
GetExitCodeProcess
CreateProcessW
lstrcmpiW
CreateMutexW
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetModuleFileNameW
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
GetSystemDefaultLangID
GetUserDefaultLangID
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
HeapFree
DeleteFileW
GetCommandLineA
GetStartupInfoA
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
WideCharToMultiByte
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
ExitProcess
ReadFile
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetConsoleCtrlHandler
LoadLibraryA
GetLocaleInfoW
GetLocaleInfoA
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CreateFileW
HeapSize
CreateFileA
SetEndOfFile

user32

TranslateMessage
LoadStringW
MessageBoxW
CharNextW
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e35ee6deac7d317be8d0db6ddf8f706

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msi

kernel32

user32

Sections

.text Size: 163KB - Virtual size: 162KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 251KB - Virtual size: 251KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 163KB - Virtual size: 162KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 251KB - Virtual size: 251KB

.reloc
Size: 8KB - Virtual size: 7KB